Cyber Shelf

// What to read next

What to read after Practical Social Engineering

Where to go after Practical Social Engineering, picked from our catalog. The next step up from intermediate level, weighted toward the topics this book covers.

Social EngineeringOSINTPentesting

  1. 01 · 2022

    Gray Hat Hacking

    A multi-author breadth-first reference covering the modern offensive landscape: web, binary, hardware, IoT, mobile, cloud, and adversarial ML — the closest thing in print to a single-volume snapshot of where offensive security is.

    Advanced
    4/5Allen Harper, Ryan Linn, Stephen Sims, Michael Baucom, Daniel Fernandez, Huascar Tejeda, Moses Frost

  2. 02 · 2018

    Social Engineering

    Christopher Hadnagy's broad procedural reference on social engineering as a discipline — recon, pretexting, elicitation, microexpressions, and the structured engagement model his consultancy operationalized.

    Intermediate
    4/5Christopher Hadnagy

  3. 03 · 2024

    Extreme Privacy

    Michael Bazzell's defender-side companion to OSINT Techniques: a step-by-step program for removing yourself from data brokers, public records, and the everyday surveillance economy without going off-grid.

    Intermediate
    5/5Michael Bazzell

  4. 04 · 2024

    OSINT Techniques

    Michael Bazzell's relentlessly updated technical manual for finding people, accounts, breach data, geolocation evidence, and online identifiers — the de facto reference of the modern OSINT field.

    Intermediate
    5/5Michael Bazzell

  5. 05 · 2025

    Metasploit

    The second edition of the definitive No Starch guide to the Metasploit Framework, updated by the project's original maintainers and newer contributors for the modern Framework.

    Intermediate
    4/5David Kennedy, Mati Aharoni, Devon Kearns, Jim O'Gorman, Daniel G. Graham

  6. 06 · 2018

    The Hacker Playbook 3

    Peter Kim's hands-on red-team field manual: assumed-breach scenarios, lateral movement, AV/EDR evasion, and the operational rhythm of a real engagement rather than a checklist of CVEs.

    Intermediate
    4/5Peter Kim

  7. 07 · 2018

    Pentesting Azure Applications

    Matt Burrough on attacker behaviour against Azure tenants: identity, storage, VMs, key material handling, and the recon paths that work against real subscriptions.

    Intermediate
    3/5Matt Burrough

  8. 08 · 2015

    The Mobile Application Hacker's Handbook

    Chell, Erasmus, Colley, and Whitehouse's reference on iOS and Android application security from the early-mid 2010s — runtime hooking, transport security, IPC abuse, and the platform-specific surface of mobile pentesting.

    Intermediate
    3/5Dominic Chell, Tyrone Erasmus, Shaun Colley, Ollie Whitehouse
Back to Practical Social EngineeringAlternatives to Practical Social Engineering